32[00:34:13] <jmcnaught> You see i3 in the output of "systemctl status display-manager.service"? In the journal lines at the bottom?
33[00:34:47] <horribleprogram> nope
34[00:34:57] <horribleprogram> wmname outputs i3
35[00:35:42] <horribleprogram> brb
36[00:35:44] *** Quits: horribleprogram (~horriblep@replaced-ip) (Quit: Where I came from the Great Wild 'n shit, where you can get shot if you crack smiles and shit...)
134[02:45:59] <jmcnaught> alexrelis[m]: if the new UEFI system also supports legacy BIOS or CSM booting then you could start by taking an image of the old drive and copying it onto the new drive. Then once you have it booting in legacy BIOS mode you can think about converting to UEFI.
135[02:46:59] <jmcnaught> alexrelis[m]: converting to UEFI would require booting from UEFI media such as a debian installer netinst ISO using the rescue boot option (under advanced) which can give you a shell in a chroot of the target system.
138[02:49:08] <alexrelis[m]> jmcnaught: would the new drive have to have a MBR partition scheme? Or could I make it GPT from the beginning and still boot in legacy mode?
139[02:49:28] <jmcnaught> alexrelis[m]: from there you would need to make room for an ESP (EFI System Partition) to be mounted at /boot/efi. Then you should be able to install grub-efi in the chroot. I would not attempt any of this without a backup of course.
140[02:50:02] <jmcnaught> alexrelis[m]: I might be wrong but I think that you can have an ESP on an MBR formatted drive, but that is definitely something to check.
142[02:50:56] <jmcnaught> alexrelis[m]: maybe it makes more sense to partition the new drive with GPT, and instead of copying an image of the drive over, copying individual partitions.
143[02:52:55] <jmcnaught> That way you don't have to shrink a partition to make room for /boot/efi
144[02:53:14] <quadrathoch2> alexisrelis[m] it is possible to have an esp on mbr, that’s done so you can boot csm/uefi from the same disk. You would still need to install grub twice
145[02:56:12] *** Quits: godane (~godane4@replaced-ip) (Remote host closed the connection)
148[02:57:49] <alexrelis[m]> jmcnaught: okay.. Now I'm going to ask something a little more complicated. My old SSD is non-lvm and encrypted / with LUKS 1. I want to make the new SSD lvm with encrypted / with LUKS 2. How could I do this?
154[03:04:51] <alexrelis[m]> On second thought, it's fine if I remain on LUKS 2. I read that GRUB on Debian stable can't read LUKS2 encryptied partitions yet.
155[03:05:03] <jmcnaught> alexrelis[m]: well understand that my experience is limited with LUKS creation outside of debian-installer, but I would try this: partition new SSD with ext2 /boot, FAT32 /boot/efi, and the rest for encrypted volume. Possibly leave 10% unallocated as over-provisioning…
156[03:05:12] <jmcnaught> alexrelis[m]: that's the reason for separate /boot
158[03:07:44] <jmcnaught> alexrelis[m]: you would use "cryptsetup luksFormat <device>" to make the encrypted volume, then "pvcreate /dev/mapper/????_crypt", then "vgcreate <volume group name> /dev/mapper/????_crypt" to make your volume group.
160[03:08:47] <jmcnaught> alexrelis[m]: then you could use the lvcreate command to make individual volumes for rootfs, swap, home (to match the partitions on the old drive), then copy the old drive's partitions to those LVM volumes
161[03:10:46] <jmcnaught> update /etc/fstab to reflect the changes, then reboot into d-i's rescue chroot shell, install grub-efi, run update-initramfs -u
162[03:11:05] <jmcnaught> alexrelis[m]: if that does not work then at least you still have the old drive and its backup!
164[03:12:52] <jmcnaught> overall it might be simpler to do a fresh install on the new SSD, let d-i guided partitioning set up LUKS 2 and LVM for you, then reinstall packages and copy your files from /home and /etc from the backup
165[03:13:03] <alexrelis[m]> jmcnaught: thank you so much.
167[03:15:52] <jmcnaught> alexrelis[m]: I did something similar but much simpler this week. I migrated my buster UEFI LVM non-LUKS from one SSD to another. For that I created /boot and /boot/efi on the new drive, copied the files over, updated /etc/fstab, rebooted into a d-i rescue chroot to run update-grub, and deleted the old /boot and /boot/efi.
168[03:16:11] *** Quits: prints (~333@replaced-ip) (Quit: radio.theholyroger.com)
169[03:16:30] *** Quits: k4nz (~Thunderbi@replaced-ip) (Remote host closed the connection)
171[03:17:01] <jmcnaught> alexrelis[m]: after I confirmed that booting worked I added the rest of the new SSD to my LVM volume group and used "pvmove /dev/oldSSD /dev/newSSD" to move all the logical volumes. Then I removed the old SSD from the volume group, and I was done.
172[03:17:46] *** Joins: Prints (~333@replaced-ip)
188[03:30:23] <alexrelis[m]> jmcnaught: cool! I'm fine with copying partitions and reinstalling grub, but my head starts to hurt once I have to deal with LVM and encrypted boot all at the same time haha.
192[03:34:54] <jmcnaught> alexrelis[m]: yeah it is a lot of layers to think about all at once. I only bother with encryption on my laptop since it is portable, and I just go with what the debian installer sets up for me.
193[03:36:01] <jmcnaught> alexrelis[m]: good luck, I hope you get it working.
201[03:51:15] <scrulO0se> Okay, I *know* I've seen apt offer a merge option for config file conflicts... but it doesn't offer it on my current Bullseye laptop and I can't seem to find any reference anywhere that tells me how to enable this. What am I missing?
262[05:53:29] <sgo11> Hi, I am using virt-manager for virtual machines. But I don't use VM all the time. Actually I rarely use them. But I found out the background services are auto started at boot. How can I completely disable all VM related services at boot? I'd rather enable them on demand when I use them. So far I think I can `systemctl disable libvirt-guests` and `systemctl disable libvirtd`. what else? Thanks a lot.
265[05:55:05] <jmcnaught> sgo11: libvirt-guests is a service that runs at shutdown to stop any guests that are still running, it is not persistent so you might as well enable that one again.
266[05:55:28] <petn-randall> sgo11: IMHO there's not much benefit of disabling them. If you don't use them, they'll idle and the memory will be swapped out.
267[05:56:52] <jmcnaught> sgo11: "systemctl status libvirtd.service" here reports only 59.8 MB of memory used. I agree with pétn-randall.
268[05:56:53] <t3st3r> maybe that's why I use just plain qemu from command line: brings no enterprise grade "goodies" on my head
269[06:01:11] <sgo11> Thank you all for the replies. I am running a persistent live system on an external USB drive. That's why I think I should disable anything which are not requried to speed up the system. Do you still suggest those services running in a live system on external USB drive? Thanks.
270[06:01:59] <sgo11> I even plan to execute `virsh net-destroy default`. Not sure how much resources that virtual netowrk will use on startup and running system.
272[06:04:47] <jmcnaught> sgo11: after running "virsh net-start default" libvirtd.service is now using 61.7MB of memory (from 59.8MB before)… unless your machine is memory starved I would not worry about micro-managing services and just let the kernel handle things.
276[06:07:18] <sgo11> jmcnaught: so all these services will only use memory in general. Won't they make any overhead on CPU? (Sorry that I am not sure if my English makes sense or not.) Cheers.
277[06:08:50] <jmcnaught> sgo11: libvirtd does not constantly consume CPU while it is idle. Libvirtd does not consume very much CPU when a virtual machine is running either, the qemu process is what uses the CPU.
278[06:09:38] <sgo11> jmcnaught: got it. Thanks a lot. :)
279[06:10:36] <jmcnaught> sgo11: run the "top" command, and sort by CPU usage by pressing capital P, q to quit. While top is running you can see which programs are using CPU.
280[06:11:35] <sgo11> jmcnaught: yeah, I was just afraid it would use CPU when I don't pay attention sometimes randomly. :) I am just too suspicious
283[06:15:13] <jmcnaught> sgo11: when libvirtd is running the default network (or similar ones) it is just running an instance or two of dnsmasq which is very tiny. dnsmasq is the DHCP server and DNS forwarder in a lot of Linux based consumer routers, even old ones with 4MB of RAM. Your computer can probably handle it running all the time if it is capable of running virtual machines.
304[06:46:37] *** rgdgnfnfgh is now known as S3xyL1nux
305[06:47:35] <brachamh> longest uptime yet for my home server: 24 days, 15 hours. just an old desktop with non-ecc ram, etc, so i'm impressed. just today started having some usb device errors which seem to show that the usb controller is having trouble. going to reboot to see if it is the extended uptime that's causing issues.
321[07:02:38] <jmcnaught> The command in the !termbin factoid does not need cat, it can be done with "nc termbin.com 9999 < /path/to/file" but I suppose it does demonstrate piping.
340[07:46:12] <brachamh> apparently i have more issues...docker seems to continually be trying to pull images for some reason. it was all working properly.
341[07:49:06] *** Quits: monkwitdafunk (uid238811@replaced-ip) (Quit: Connection closed for inactivity)
363[08:21:09] <brachamh> is that a sign my mainboard is failing?
364[08:24:12] <jelly> it is more likely you have a quirky usb device, like a cheap printer, than a mainboard issue
365[08:24:25] <brachamh> i haven't changed a thing
366[08:25:48] <jelly> and those usb errors might have been happening before, have you read these logs before last boot?
367[08:25:56] *** Quits: torbo (~user@replaced-ip) (Remote host closed the connection)
368[08:26:28] <brachamh> i haven't checked the logs for a while, but the errors were showing up on the terminal screen as they happened before i rebooted
369[08:26:49] <jelly> you can probably ignore those since the printer seems to manage to connect after a try or three
370[08:27:17] <brachamh> just today. was on that same system for a while yesterday as well and no errors. you figure it is the printer?
375[08:30:17] <jelly> but if everything works, ignore it. Or connect the printer to a different port, reboot again and see if both the errors and the printer usb numbers change in dmesg log
376[08:31:04] <brachamh> mainboard ethernet is pci, right?
412[08:52:56] <jelly> brachamh: ah see, now it's usb 4-1, before it was usb 5-7
413[08:53:38] <brachamh> i have both the printer and the keyboard plugged into their original ports
414[08:53:49] <jelly> brachamh: that's... weird, then :-)
415[08:54:46] <epitamizor> as long as the port is working for mouse/printer etc. it seems to be software bug or false positive
416[08:55:16] <brachamh> yeah. i gotta get this docker issue figured out though for now...i use my containers daily, but i can't have docker continually attempting to pull images
417[08:55:38] <brachamh> epitamizor, ok. still weird.
418[08:57:17] <epitamizor> brachamh, its probably some resource contention or readiness issue, as that only occurs during boot, so the resource may generate that until it gets initialized
420[08:59:17] <brachamh> epitamizor: no there were same/similar usb errors showing up while i was using the system earlier. it had been up for 24 days at that point.
421[09:00:20] <brachamh> hadn't had any errors until today.
422[09:01:11] <epitamizor> was any usb device removed or plugged in?
423[09:01:28] <brachamh> nope. home server, nothing has changed for months
424[09:01:49] <brachamh> only reason it had been rebooted 24 days ago is the power flashed lol
425[09:02:09] <epitamizor> lol that will definitely screw up systems
426[09:02:19] <jelly> brachamh: honestly I see errors like these regularly on my desktops, with usb sound cards, usb hubs on monitors
427[09:02:25] <epitamizor> probably fried some components
428[09:03:09] <brachamh> well, not sure it was a flash...it was an abnormality. so an issue showed up 24 days later?
429[09:03:18] <jelly> brachamh: if all the usb ports still appear to work, ignore it. You might want to see if USB3 devices still work with usb3 speeds. Neither a keyboard nor a printer will exercise that.
435[09:03:53] <brachamh> i simply did a full shutdown instead of a reboot.
436[09:04:18] <brachamh> the network card connected immediately like i'm used to, and so far no usb errors
437[09:04:40] <jelly> epitamizor: any yet, many usb devices are quirky and linux kernels expose all sorts of transient crap
438[09:05:19] <brachamh> jelly, i don't think this thing has usb3. it's about ten years old.
439[09:05:36] <brachamh> and yes, after the shutdown and restart, no errors
440[09:05:47] <epitamizor> until 24days...
441[09:06:18] <brachamh> i'd rebooted nearly ten times in the last hour or two, and the errors persisted
442[09:07:01] <brachamh> if i have to shut down this old thing every three weeks or so to "clear" it, that's not bad at all, IMO. it's just an old desktop with non-ecc ram, etc
457[09:17:06] <brachamh> oh, that's right, there is an sd card reader. never used it though. honestly didn't realize it was plugged in...this thing has a whole bunch of usb ports on the top and front of the case, and i don't think the board supports all of them, IIRC
462[09:20:18] <brachamh> oh yeah, device 4 is the card reader
463[09:20:25] <kristijonas> Hello, could someone help me configure DNS over TLS (DoT) on current stable? kind of got confused with all these systemd-resolved, unbound and knot configuration.
469[09:25:07] <brachamh> jelly, thanks for your help! now i just need to figure out that docker issue. tomorrow though. i think i'm heading to bed. 2.30am is late enough lol
483[09:37:32] <kristijonas> quadrathoch2, should I get rid of unbound? I installed it, as well as knot, but didn't manage to properly configure those.
484[09:38:20] <quadrathoch2> kristijonas I would just use the things which come by default. but you can use the others if you want. but no idea how to set those up (i'm pretty sure unbound is a full dns server, so not the right tool for a client)
500[09:44:40] <kristijonas> quadrathoch2, alright, I will give it a try! but I'll have to re-enable the systemd-resolved, right after editing the config file, right?
501[09:45:02] <quadrathoch2> kristijonas reenable? did you disable it?
507[09:47:27] <jelly> Jmabsd: <quadrathoch2> Jmabsd doesn't sound like it does, as qemu-kvm isn't build for power9 <judd> No package named 'qemu-kvm' was found in ppc64el. <jelly> that will kill the "out of the box" requirement pretty decisively
508[09:47:47] <Jmabsd> Weird
509[09:47:56] <Jmabsd> jelly,quadrathoch2: so weird - for RHEL they have it
510[09:48:00] <quadrathoch2> kristijonas oO systemd-resolved is used as default since 16.10 or something like that
511[09:48:04] <Jmabsd> Debian should def have this, why would only RHEL do ????
512[09:48:15] <quadrathoch2> Jmabsd because they earn money with it
513[09:48:18] <jelly> Jmabsd: it's not weird at all, RHEL has enterprise customers
514[09:48:36] <jelly> quadrathoch2: 16.10 is not a Debian :-)
515[09:48:46] <quadrathoch2> argh, you are right, doh
516[09:49:03] <quadrathoch2> i thought i was in #ubuntu
517[09:49:27] <jelly> np
518[09:49:34] * arahael sprinkles some holy water over the room, especially in the direction of quadrathoch2.
519[09:49:42] <genr8_> bah. major security patch on libproxy1v5 for buffer overflow, 2 CVEs. (almost everything auto-uses that lib too)
522[09:50:02] <jelly> arahael: Ubuntu is not a curse word!
523[09:50:09] <quadrathoch2> kristijonas yep then you would need to enable it xD
524[09:50:19] *** Parts: psyvenrix (~someDrong@replaced-ip) ("leaving due to ethics")
525[09:50:23] <arahael> jelly: Heh, but confusing it with debian is almost one! ;)
526[09:51:02] <jelly> kristijonas: honestly I'd trust unbound more than resolved, but if you have resolved by default you might as well try and see if it works for you
527[09:51:19] * jelly has never done DoT with either, it's just a gut feeling
528[09:51:51] <quadrathoch2> jelly, as I never used unbound, _shrug_
529[09:52:04] <quadrathoch2> but isn't unbound a full fledged dns server? not a client?
530[09:52:15] <Jmabsd> quadrathoch2: do you believe KVM-QEMU for Power9 can be built and made to work easy?
531[09:52:33] <quadrathoch2> Jmabsd idk, as I never had a power9 machine
532[09:52:57] <jelly> quadrathoch2: it's a recursor server.
533[09:53:44] <kristijonas> jelly, yea, i believe unbound and or knot would be something more secure. but i'll first try with systemd-resolved, once I figure how to enable it
534[09:53:45] <jelly> I think debian packaging has integration with resolvconf and adds nameserver 127.0.0.1 to /etc/resolv.conf
535[09:53:45] <quadrathoch2> Jmabsd as suse also has a version, I guess you could look into both buildconfigs and figure something out
537[09:54:02] <Jmabsd> quadrathoch2: oh there's a #debianppc channel, great
538[09:54:43] <jelly> Jmabsd: but be patient with small channels, it may take days to get an answer
539[09:55:46] <Jmabsd> quadrathoch2: "Works fine as a KVM host via virt-manager (tested with Debian 10 as the guest)." replaced-url
540[09:57:52] <jelly> that doesn't say which distor they used as host
541[09:58:02] <quadrathoch2> Jmabsd so it sounds like it should be reletively easy to get it compiled, i assume so, as redhat+suse are working on it and earn money with it.
542[09:58:13] <quadrathoch2> jelly which he was looking for?
610[10:40:37] <epitamizor> git is a content revision program
611[10:40:48] <shtrb> I know :)
612[10:41:13] <genr8_> whats wrong with git
613[10:41:22] <epitamizor> user error maybe?
614[10:41:28] <shtrb> genr8_, maybe I'm using a canon to kill a fly each time
615[10:42:02] <shtrb> I'm using git, but I took git in the first place because I'm custom to git , and maybe it was the wrong tool
616[10:42:33] <epitamizor> you still havent said anything specific on why its not adequate
617[10:43:24] <shtrb> I'm asking if there are better tools than that and better approached, It's good for me , but maybe there are better tools which i'm not aware of that solve problems I just take for granted
661[11:16:23] <jelly> > You should not buy one and expect it to compare favourably with x86 or a Raptor system. [...] On the other hand, there's a good chance this will be another truly open system
709[12:09:50] <keithweisshar> why does Windows show most of the bootable installer usb as unallocated except the first partition with the efi folder after writing raw iso-hybrid image to usb
710[12:10:01] *** Quits: dselect (~dselect@replaced-ip) (Quit: ouch... that hurt)
711[12:10:26] *** Quits: psych094 (~Thunderbi@replaced-ip) (Quit: Hope to be back soon! 👋)
808[13:56:56] <timwis> Hey all, I'm running a third party script that runs apt-get install. Is there a way to make those --quiet without modifying the script? E.g. by env var or `set` command of some sort?
809[13:58:48] <genr8_> redirect to > /dev/null ?
810[13:59:04] <ratrace> Deyaa: pastebin your vsftpd.conf please
831[14:05:59] <mzajc> is there a way to force an executable to launch with additional environment variables in a clean way? I'm currently facing issues where I have to set QT_QUICK_BACKEND to 'software' to fix issues with some kde programs on nvidia drivers, while some other programs require the same variable to be set to 'hardware'. I'm currently using the unclean approach of replacing the executable with a shellscript that adds the variables and then launches the actual
832[14:06:01] <mzajc> executable, which is located somewhere else, but that hinders updates
854[14:11:48] <ratrace> mzajc: so you need env specifically for the entire shell itself but not for its children processes?
855[14:11:58] <mzajc> yes, precisely
856[14:12:14] <mzajc> although I don't think processes are launched as children of plasmashell on kde
857[14:12:55] <genr8_> i have a great idea. fork and recompile. ez........
858[14:12:57] <mzajc> specifically systemsettings5 has issues when QT_QUICK_BACKEND is set to hardware. it does have a desktop file, but that desktop file isn't used then you launch it indirectly, eg. from an applet
859[14:13:13] <ratrace> there should be a definition of how the shell is started by the DM somewhere in /etc , and there you cna prepent the env command with your vars, to the exec line
860[14:13:17] <mzajc> genr8_: I would, but again, I'm trying to not hinder updates here
861[14:13:34] <mzajc> let's see about /etc..
862[14:13:46] <ratrace> ah wait... /usr/share/xsessions/ and it's maybe a .desktop launcher?
863[14:14:18] <mzajc> yes, that's a lot closer!
864[14:14:25] <mzajc> the executable is /usr/bin/startplasma-x11
865[14:16:41] <ratrace> mzajc: is there a .desktop for it in /usr/share/sessions ?
883[14:23:13] <mzajc> nope, no go. x did absolutely not like me changing the Exec value
884[14:23:31] <mzajc> had to jump into a vt to fix it
885[14:24:41] <ratrace> how did you change it exactly? and it's not X that cares about it, but the DM
886[14:25:13] <genr8_> ratrace, why do you want the "env"
887[14:26:08] <ratrace> genr8_: ?
888[14:26:24] <mzajc> actually, I skipped the env because I thought it wasn't required, since it works on regular desktop files
889[14:26:31] <mzajc> let me try it with env real quick
890[14:26:33] <genr8_> thats what im asking
891[14:26:36] <genr8_> the env command, why
892[14:26:38] <ratrace> no I don't think that Exec is a shell context
893[14:26:47] <ratrace> genr8_: because I don't think Exec is a shell context
894[14:27:17] <mzajc> it sure is from plasma's perspective, but I guess that it might not be from DM's
895[14:27:46] <ratrace> running things like `FOO=bar somecommand ` is a shell construct specifically. otherwies you need to explicitely call the env command with arguments of variables and what to call next in that context
897[14:27:57] <ratrace> mzajc: it's launched by the DM,
898[14:28:25] <ratrace> the DM uses the Exec line to launch the session. afaik that Exec context is NOT a shell context, meaning you need explicit call to env(1)
899[14:29:47] <ratrace> mzajc: "it sure is from plasma's perspective" nope. The "shell" here I mean is things like bash, or dash, or csh.... not the "plasma shell" which has nothing to do with the command line shells.
900[14:30:10] <mzajc> ratrace: no, that's not what I meant
901[14:30:41] <mzajc> when you launch a program using a desktop file from plasma, it launches it in a shell, meaning that the env can be skipped
913[14:34:02] <mzajc> I suppose I could just wait for a nvidia driver update since this is a pretty minor issue
914[14:34:17] <ratrace> mzajc: maybe you can try this then. alter your PATH (via ~/.xsessionrc or similar, not a ~/<shell rc>) to source your ~/bin/ first, then you put teh commands you want to override with custom scripts that set env, in ~/bin/
915[14:34:53] <ratrace> but .... no, that probably wouldn't work as launchers are typically supplying full paths .... welp.... out of ideas.
924[14:40:16] <ratrace> mzajc: how many programs require the other value for that env? maybe you can override _their_ launchers?
925[14:40:25] <mzajc> nevermind, looks like I found exactly where it's started from: "At least on Debian 5, the autostart of plasmashell is specified by /etc/xdg/autostart/org.kde.plasmashell.desktop, which does have the X-KDE-autostart-phase=0 set."
926[14:41:06] <mzajc> currently the default QT_QUICK_BACKEND is hardware, but I can override that to software in /etc/profile
927[14:41:33] <mzajc> from what I can tell the only program that doesn't work with hardware is systemsettings5, and the only program that doesn't work with software is plasmashell
961[15:20:49] <brenlae> hello, installed debian 10.6 last night, got it all configured, very pleased - came from ubuntu, needed something that uses less RAM and is more stable
967[15:22:31] <shtrb> Eryn_1983_FL, you probably can setup it to listen on a local interface only (if you actually need it )
968[15:23:33] <nevivurn> Eryn_1983_FL: if you don't have a firewall set up to block access + if access to glances allows bad people to do bad stuff, yes.
1012[15:56:27] *** Quits: os_ (~Usama@replaced-ip) (Remote host closed the connection)
1013[15:56:48] <Na_Klar> I got a spammer attack on my mailserver. I blocked the subnet on my mailserver but I wanted to block it from iptables so that my mailserver logfiles don't get flodded. I iptables -A INPUT -s xx.xx.xx.xx/16 -j DROP, but the IP still reaches my mailserver. why is that?
1017[16:00:25] <LtL> Na_Klar: use iptables -I INPUT
1018[16:00:47] <GNU\colossus> Na_Klar, many possibilities. your rule could be ineffective due to an ealrier rule making that traffic hit ACCEPT right away, for instance. you'll have to provide the full ruleset for anyone to tell.
1019[16:00:57] <jelly> Na_Klar: show your complete iptables rules, use iptables-save or at least iptables -S
1022[16:01:11] <jelly> Na_Klar: please to not change or hide info.
1023[16:02:35] <Na_Klar> ah okay, I didn't consider conflicting rules ... and with -A I appended on the chain. Will -I avoid appending? Like a "stand-alone" rule?
1026[16:03:30] <GNU\colossus> -I will INSERT (at the beginning of the chain)
1027[16:03:44] <jelly> there's no such thing as a standalone rule, but you can add one at any point in a chain, ... -I chainname 1 ... would add at the beginning, before other rules
1028[16:03:49] <Na_Klar> yes, got that
1029[16:03:53] <GNU\colossus> (this is the moment you start reading the docs, btw ;))
1030[16:04:04] <Na_Klar> thanks, that explains it most likely.
1031[16:04:09] <jelly> -I chain requires a number after chain name
1032[16:04:21] <Na_Klar> yes, default seems to be "1"
1033[16:04:44] <jelly> there used to be no default, maybe that changed recently
1035[16:05:00] <Na_Klar> dunno .. but thanks for pointing out
1036[16:05:41] <jelly> for me "recently" might be "since iptables replaced ipchains" :-)
1037[16:05:58] <GNU\colossus> :)
1038[16:06:37] <Agiofws> i have copied a debian installer iso to a usb stick cp foo.iso /dev/sdh it seems that there are 2 kind of installers one for a eufi gpt partition system and one for legasy mode bios ? my problem is that when i boot from the stick i get the installers options but what ever i select it freezes, i have disabled fast and secure boot do you have any suggestions thank you
1039[16:07:26] <jelly> Agiofws: the same installer does both bios and uefi.
1040[16:07:29] <Agiofws> i'm trying to install linux on a laptop
1041[16:08:10] <Na_Klar> setting the rule on top of the chain works as expected. thanks. will the spammer get an instant block reaction or will he have to timeout his request? (this I would wish him)
1042[16:08:29] <Agiofws> why does it freeze? anything i can try ? its an amd 4500u gpu may sometihng to do with intergrated graphics ?
1044[16:09:15] <jelly> Agiofws: hard to say, but assuming there's an issue with graphics you might try to use the installer image with firmware, if you're not using that already
1045[16:09:20] <jelly> !firmware images
1046[16:09:21] <dpkg> There are <live> system and <netinst> and DVD images containing non-free Debian <firmware> packages available from replaced-url
1047[16:10:02] <Agiofws> i tried booting on another pc and booting via legash mode partition from the usb installer it worked
1087[16:26:45] <Stonefruit> I downloaded a jar file and a directory of its dependencies. I'd like to be able to call the jar file from the command line, from any directory. how do I do this? from googling it seems I should put it in /usr/share/java, but I ) can't seem to invoke any of the jar files there if I'm not in the directory, and 2) each jar file has a tar file associated with it, which I don't understand fully. I don't know anything about java.
1088[16:27:44] <lnxslck> Stonefruit: maybe thats where you need to start
1089[16:27:47] <lnxslck> learn about Java
1090[16:28:20] <lnxslck> as for the other part, you need to place the binary location on your PATH, or put the binary on an existing PATH location
1105[16:37:04] <Stonefruit> I downloaded a jar file and a directory which keeps its dependencies. if I am in the directory with the jar file, I can invoke it as $ java -jar astral.5.7.4.jar -options filename
1106[16:37:38] <Stonefruit> if I'm outside of the directory, I can invoke it by putting in the full path. but I'd like to just type "$ astral -options filename" and have it work
1107[16:37:57] <lnxslck> build a script that does what you want
1108[16:38:04] <lnxslck> and place that in your PATH
1109[16:38:19] <EdePopede> didn't use too many java programs, but the few came with a wrapper script or recommended creating one with some settings for the env or doing sth with the memory. and these went into $PATH then, the jars all stayed $somewhere.
1110[16:39:11] <lnxslck> a script should get you there
1111[16:39:20] <Stonefruit> right, that makes sense
1112[16:39:32] <EdePopede> Stonefruit: no idea if java has a list of directories where it looks for jar files, but using a path (relative or absolute) should work. i'd still prefer the wrapper script. it's safe and flexible.
1139[17:02:18] *** Quits: milkt (~debian@replaced-ip) (Remote host closed the connection)
1140[17:04:58] <jelly> d3y44: figure out which user is used for anonymous ftp. Make a subdirectory for uploads. Make it writable for that user, or their primary group.
1152[17:13:17] <alexrelis[m]> I am soon to be getting a laptop with a Ryzen 7 4700U CPU with integrated graphics. I have installed `firmware-amd-graphics` and `linux-image-amd64`. Do I need anything else to get the computer working on Buster? I heard from somewhere that I needed the latest mesa.
1153[17:14:10] <otisolsen70> I have a partition layout that is something like this: [/][/home][/boot][/usr][unallocated] Now, I have a lot of unallocated space and no space left on /home. So I want to grow /home. How can I do that? Can I move /usr and /boot to the end of unallocated space and then grow /home?
1172[17:18:57] <alexrelis[m]> otisolsen70: you can use anything really. I would simply use the Debian live or non-free Debian live if you need wireless drivers.
1184[17:22:35] <jelly> otisolsen70: I'd recommend reinstalling or making a backup of the complete linux installation, then reformatting with just /boot and a single LUKS and LVM on top.
1185[17:22:59] <otisolsen70> jelly, the other partitions are for Windows 10 (dual boot)
1186[17:23:04] <jelly> leave the efi and non-linux partitions as-is
1187[17:23:32] <otisolsen70> The reason for the separate /usr was that I initially ran out of space on /, so I added /usr on a separate partition.
1188[17:23:47] <jelly> using LVM would have helped with that
1213[17:33:23] <otisolsen70> I use zsh as my primary shell
1214[17:33:25] <n4dir> iirc i wanted to chroot to do something, that is, i had to chroot, and i ran in having first to find out how to to chroot from zsh to bash. Or such. Too long.
1218[17:33:52] *** nsegkos is now known as nksegos
1219[17:34:25] <otisolsen70> I have never experienced problems chrooting in zsh. But if there are problems, isnt it possible to just do "exec bash" ?
1220[17:34:46] *** Quits: conta (Thunderbir@replaced-ip) (Quit: conta)
1221[17:35:04] <n4dir> i forgot, but what i would usually do with eyes closed i first had to google. Which is not what i want when troubleshooting something completely different
1238[18:05:32] <hansol> can easly be updated debain to next release ?
1239[18:05:48] <hansol> !update
1240[18:05:48] <dpkg> [update] `aptitude update' grabs the Packages.gz files from their sources and refreshes the available packages. Use before an aptitude upgrade or before looking for stuff with apt-cache search. See also <updates>.
1267[18:27:00] <brachamh> so this morning i also figured out what docker container was attempting multiple pulls. auto updater ouroboros. so it's stopped for now until i can figure out how to make everything work like it's supposed to, not just so it works lol
1296[18:55:04] <uniqdom> Hello, while in bash, autocomplete appends / to folders if you press <TAB>, but you need to press <TAB> twice if the folder is a symlink. Is that correct or is just a misbehavior in my system?
1301[18:57:24] <uniqdom> cd /home/user/fold<TAB> -> cd /home/user/folder/, cd /home/user/symlinked-fold<TAB> -> cd /home/user/symlinked-folder, cd /home/user/symlinked-fold<TAB><TAB> -> cd /home/user/symlinked-folder/
1302[18:57:53] <jelly> that smells like a feature, ask in #bash ?
1337[19:17:24] <jelly> EugenA: what is that and do you need it?
1338[19:18:35] <EugenA> i'm trying to get working debian on single board computer Odroid N2
1339[19:18:48] <EugenA> it has arm cpu
1340[19:19:13] <jhutchins> !arm
1341[19:19:14] <dpkg> Advanced RISC Machine (ARM) is a processor architecture. The Debian arm port was deprecated at 5.0 "Lenny" with official support dropped at 6.0 "Squeeze", ask me about <armel> for the replacement port. See also <armhf>. replaced-url
1342[19:19:31] <EugenA> distro i'm using had already all that sources...
1352[19:28:43] <EugenA> well, I'm running linux now
1353[19:29:12] <EugenA> arch linux?
1354[19:29:45] <ratrace> You're in #debian. What do you think?
1355[19:29:54] <jelly> EugenA: can you pastebin the output of "apt-key export 96C5830639B8AE9C" but on an actual text pastebin like paste.debian.net
1356[19:31:35] <EugenA> >Advanced RISC Machine (ARM) is a processor architecture. The Debian arm port was deprecated at 5.0 "Lenny" with official support dropped at 6.0 "Squeeze"
1358[19:32:03] <EugenA> I still can see this replaced-url
1359[19:32:16] <EugenA> so it is not deprecated?
1360[19:32:38] <ratrace> arm64 != arm
1361[19:33:38] <jelly> !arm
1362[19:33:39] <dpkg> Advanced RISC Machine (ARM) is a processor architecture. The Debian arm port was deprecated at 5.0 "Lenny" with official support dropped at 6.0 "Squeeze", ask me about <armel> for the replacement port. See also <armhf>. replaced-url
1363[19:33:48] <jelly> silly me
1364[19:33:56] <jelly> !armhr
1365[19:33:59] <jelly> !armhf
1366[19:33:59] <dpkg> armhf is a port of Debian requiring a floating-point unit (FPU) found in modern <ARM> hardware. It explicitly targets version 7 of the ARM architecture (i.e. not the Raspberry Pi), using the hard-float version of the ARM EABI. The armhf architecture was introduced at Debian 7.0 "Wheezy". replaced-url
1388[19:44:18] <dpkg> A command-line tool to send data to a <pastebin>. To paste e.g. your sources.list do "apt-get install pastebinit; pastebinit /etc/apt/sources.list"; to paste the output of a program do e.g. "dmesg 2>&1 | pastebinit". For a list of pastebin sites do "pastebinit -l". See also <pastebinit config>, <nopaste>.
1389[19:44:26] <EugenA> jelly: yes, this is the key : replaced-url
1390[19:44:55] <jelly> EugenA: what does "dpkg --print-architecture" say on that system? I can't reproduce with i386 or amd64...
1391[19:45:34] <EugenA> it says "arm64"
1392[19:45:39] <jelly> good
1393[19:46:08] <EugenA> system is running on new microSD card.. bought yesterday
1405[19:55:00] <jelly> EugenA: I can't reproduce, you have found a bug but it's possible the bug is only exposed because of a corrupted download. I'd like to see that download because the bug may have security implications. How large is the apt lists dir on that machine? "du /var/lib/apt/lists"
1406[19:55:45] *** Quits: underdogs (~underdogs@replaced-ip) (Quit: IRCNow and Forever!)
1407[19:56:24] <jelly> EugenA: also, which version of apt? dpkg -l apt |tail -n1
1427[20:02:35] <incal> hello guys, how can I show a file in the terminal, like with less, only with no interface, just the file, and the program won't exit, just show the file until killed? TIA
1438[20:09:10] <incal> no, I want to do a cool screenshot with one tmux pane only showing what's int the file, not the less interface and not the shell prompt...
1442[20:10:45] <ratrace> incal: "show a file in terminal [...] not the shell prompt" :: you should really explain that
1443[20:10:49] <ratrace> also:
1444[20:10:51] <ratrace> !xy
1445[20:10:52] <dpkg> Slow down for a bit! Are you sure that you need to jump through that particular hoop to achieve your goal? We suspect you don't, so why don't you back up a bit and tell us about the overall objective... We know that people often falsely diagnose problems because they are too close to them -- it's easy to miss that there is a better way to proceed. See replaced-url
1446[20:11:30] <ratrace> but trying to decypher what you mean literally ..... cat <somefile > ; sleep 999999
1451[20:12:16] <dpkg> Slow down for a bit! Are you sure that you need to jump through that particular hoop to achieve your goal? We suspect you don't, so why don't you back up a bit and tell us about the overall objective... We know that people often falsely diagnose problems because they are too close to them -- it's easy to miss that there is a better way to proceed. See replaced-url
1452[20:12:21] <incal> !xy
1453[20:12:24] <incal> ha
1454[20:12:26] <incal> sorry
1455[20:12:35] <sney> o_o
1456[20:12:48] <incal> just wanted to check your bot was into the game
1470[20:17:00] <ratrace> I think I get it no... incal wanted to "censor" their prompt, and show us a tmux screenie. ....... use gimp next time to 'shop the pic :)
1471[20:17:04] <ratrace> *now
1472[20:17:12] <jhutchins> print it out and tape it over the screen.
1473[20:17:25] <ratrace> that too =)
1474[20:17:53] <incal> ha you jesters :)
1475[20:17:59] <ratrace> some srs haxx0ring in that screen!
1494[20:36:04] <jelly> EugenA: and I suspect you either had a corrupted download, or the repo was broken at some point in the past but isn't right now
1495[20:37:15] <jelly> EugenA: still, I added arm64, added all the mdrjr repos, got apt 1.8.2 and still couldn't reproduce... so apparently the repo is okay now. Or we're not accessing the same repo.
1497[20:38:21] <jelly> I do have some arm64 capable hardware but it's not running Debian right now
1498[20:39:52] <jelly> EugenA: I suspect your immediate issue will be solved by "rm /var/lib/apt/lists/partial/*.* /var/lib/apt/lists/*mdrjr*" and doing an apt update afterwards.
1502[20:42:55] <wisbit> quick quesiton about apache on debian (httpd channel told me "we don't support broken debian scripts in #httpd hahaha)
1503[20:42:57] <wisbit> the a2en function basically just copy the files into the enabled folders, a2diss removes it, and apache looks only in the "enabled" folder? am I correct ?
1504[20:43:13] <sney> wisbit: it creates symlinks, but otherwise yes
1506[20:44:51] <wisbit> sney, cheers for that answers, it's crazy that when first appoaching the whole apache2 system, I got completely lost, but after dabbling with it, it's actually quite simple, but man ...
1554[21:17:04] <jmcnaught> siiky: on there is a Debian stable release (like Debian 10 "buster") the versions of packages remain the same. They get security fixes backported to them. Only a few exceptions are made for complicated and important packages like firefox-esr. Every couple of years there is a new Debian stable release with newer versions of packages.
1566[21:28:00] <wisbit> apache on debian question: is there a conflict, or redundancy, between ssl.conf in mods-eabled and a ssl-params.conf that I made (in conf-available) and loaded ? they seem to contain similar information SSLCypherSuite, SSLProtocols ...
1584[21:39:12] <jmcnaught> wisbit: I guess if you are hosting multiple sites it makes more sense to put configuration common to all virtual hosts into a global server config in conf-enabled/
1593[21:42:09] <EdePopede> the files are in *-available and debian's tool creates links in *-enabled. but they are 'Include'd by the default directive anyway.
1596[21:45:39] <SerajewelKS> ratrace: hmm odd, i can't get it to see any GPT disks as bootable. going to try DOS/MBR.
1597[21:46:07] <wisbit> my question was that there is a conf file related to ssl in the mods-enabled folder and I wondered what it was about since I also have a ssl conf file in conf-available
1600[21:47:16] <sney> wisbit: the one in mods-enabled is for enabling mod_ssl itself. any configuration in there is probably intended as sane defaults.
1607[21:50:57] <ratrace> SerajewelKS: where did you install grub? disk or partition?
1608[21:51:09] <SerajewelKS> ratrace: disk, with 1MB bios boot partition at the start of the disk
1609[21:51:23] <ratrace> SerajewelKS: also is the bios grub partition marked as such? granted, you couldn't even install it without that, and without it loudly complaining
1610[21:51:34] <SerajewelKS> yes it was
1611[21:51:43] <EugenA> jelly: still cannot do apt update
1612[21:51:50] <ratrace> otherwise pretty sure qemu-kvm can boot virtual or physical disks in gpt layout. I got a bunch VMs doing that.
1613[21:51:59] *** Quits: Jerrynicki (~niklas@replaced-ip) (Remote host closed the connection)
1614[21:52:10] <SerajewelKS> weird. i was getting the standard "no bootable devices"
1615[21:52:15] <EugenA> I think I'll try to rewrite img to my sdcard
1616[21:52:24] <ratrace> SerajewelKS: could be you're using wrong params for qemu-system?
1627[21:55:36] <wisbit> jmcnaught: YES thanks a lot mate, that's exactly what I was struggling with,
1628[21:55:37] <SerajewelKS> i did specify a physical+logical sector size of 4096 instead of 512, perhaps that is throwing qemu off (GPT layout depends on sector size)
1629[21:55:51] <SerajewelKS> maybe the qemu code that parses GPT assumes a sector size of 512?
1630[21:56:16] <jmcnaught> wisbit: you can read /etc/apache2/apache2.conf to see the order of the IncludeOptional directives that are used.
1631[22:00:26] <SerajewelKS> hmm DOS/MBR won't boot either
1632[22:00:39] <SerajewelKS> really suspicious the sector size is the issue
1645[22:03:29] <ratrace> SerajewelKS: mind you, the sector size is irrelevant for the pmbr and the bios_grub, it only matters for the filesystem where /boot resides, and that surely is not a problem, whether it's 512n/e or 4k
1646[22:03:44] <jmcnaught> jak2000: read the list of packages proposed for removal very carefully before agreeing to it.
1647[22:03:58] <ratrace> SerajewelKS: I never forced any sector size in qemu params tho
1650[22:05:11] <SerajewelKS> ratrace: i'm going to try again with 512 logical / 4096 physical, unless you spot any problems here
1651[22:05:36] <SerajewelKS> this same config works with only one drive, using a file instead of an LV, and omitting the sector size options
1652[22:06:15] <SerajewelKS> multiple drives should not matter (grub is installed to all), qemu really doesn't give a rip about device vs. file (and live environment can see the disks), the only other thing changed is the sector size so that's why i'm suspicious
1654[22:07:15] <SerajewelKS> oh the old config also had discard=unmap on the -drive line
1655[22:07:23] <SerajewelKS> (the raw file was sparse)
1656[22:07:34] <ratrace> SerajewelKS: try removing logical_block_size and physical_block_size from the options
1657[22:08:14] <SerajewelKS> when i booted with that the reported sizes were 512/512 which does not match the underlying hardware (which is 512 / 4096)
1658[22:08:49] <ratrace> not sure the hypervisor needs to concern itself with that
1661[22:09:19] <SerajewelKS> the guest may make poor choices if it doesn't see the 4096-byte logical sector size though, no?
1662[22:09:22] <ratrace> never saw any tuning recommendation use it, and I never used that myself, could easily saturate sata3 drives, both in bandwidth and iops
1663[22:09:56] <SerajewelKS> i guess i am throwing luks with --sector-size 4096 on top, so the luks layer should take care of enforcing 4k I/O
1664[22:10:03] <ratrace> yes
1665[22:10:11] <ratrace> also, use writeback cache for best perf
1666[22:10:14] <SerajewelKS> it just seems weird that qemu wouldn't be able to handle booting unless the sector size is 512
1667[22:10:41] <SerajewelKS> writeback is not crash-safe though?
1679[22:13:23] <ratrace> I suspect bios_grub is not 1M/4K aligned. if its 512b aligned and you tried to force 4k and the offset doesn't happen to be at a factor of 4k.... it's gonna error out like this
1680[22:13:37] <SerajewelKS> yeah fdisk is 1M-aligning everything if i don't change the start sector
1681[22:13:46] <ratrace> SerajewelKS: $1M question: 1M or 1MiB :)
1696[22:21:44] <SerajewelKS> man i hate luks sometimes
1697[22:22:12] <SerajewelKS> it requires a container be an exact multiple of the sector size. it can't just _not use_ any trailing space like any other sane container.
1698[22:22:38] <SerajewelKS> (another reason 4096-byte physical sectors are nice)
1701[22:24:02] <jak2000> my debian sleep.. how to remove the sleep mode?
1702[22:24:25] <SnakesAndStuff> what is the correct method for Debian 10 to set preferred_lft 0 on an address to prevent new communications to use it as a source address?
1703[22:24:35] <SnakesAndStuff> preferably somwhow to add it to /etc/network/interfaces?
1704[22:25:04] <SnakesAndStuff> Right now the source address being used is the last added (which if I undertand is a tie breaker when there is same scope)
1706[22:25:29] <SnakesAndStuff> But I'd like to be able to have it start up as depricated to prevent it from being used... But I still need it enabled because my VPS uses it internally....
1754[23:08:13] <pfred1> OK this is bizarre I just made my directories and put some files into them and now Configure Paths has all of those places in it
1758[23:11:27] <pfred1> what kind of sorcery is this?
1759[23:12:58] <ratrace> what is "Configure Paths"
1760[23:13:29] <SerajewelKS> ratrace: boots with 512 logical and 4096 physical sector size. qemu must not be able to parse partition tables properly when the logical sector size is 4k.
1768[23:18:29] <SerajewelKS> my guess is that it's hardcoded to use a 512 byte sector size regardless so the offsets in the partition table as qemu uses them are wrong, so it doesn't find anything bootable. or something like that.